Intel Microcode Privilege Escalation Vulnerability CVE-2025-31648 Advisory

Intel ID: INTEL-SA-01396 Advisory Category: Hardware Impact of Vulnerability: Escalation of Privilege Severity Rating: LOW Original Release: 02/10/2026 Last Revised: 02/10/2026 Vulnerability Details CVE ID: CVE-2025-31648 Description: Improper handling of values in the microcode flow for some Intel® Processor Family may allow an escalation of privilege. Startup code and SMM adversary with a privileged user combined with a high complexity attack may enable escalation of privilege. This result may potentially occur via local access when attack requirements are present with special internal knowledge and requires no user interaction. The potential vulnerability may impact the confidentiality (low), integrity (low) and availability (none) impacts. CVSS Base Score 4.0: 1.8 Low - Vector: AV:L/AC:H/AT:P/PR:H/UI:N/VC:L/VI:L/VA:N/SC:L/SI:L/SA:N CVSS Base Score 3.1: 3.9 Low - Vector: AV:L/AC:H/PR:H/UI:N/S:C/C:L/I:L/A:N Affected Products 10th Generation Intel® Core™ processor family (Ice Lake, Mobile) 11th Generation Intel® Core processor family (Tiger Lake, Mobile) Intel® Celeron® 6305RE, Intel® Celeron® 6305E, Intel® Core™ i3-1115GRE, etc. (Tiger Lake, Embedded) 1. 11th Generation Intel® Core™ processor family (Rocket Lake, Desktop) Intel® Xeon® E-2300 processor family, Intel® Xeon® W-1300 processor family (Tatlow, Server/AMT Server) 12th Generation Intel® Core™ processor family (Alder Lake, Mobile, Embedded, Desktop) 13th Generation Intel® Core™ Processor Family, 14th Generation Intel® Core™ processor family, etc. (Raptor Lake, Catlow, Mobile, Desktop, Server) Intel® Core™ Ultra processors (Series 1), Intel® Core™ Ultra processors (Series 2) (Meteor Lake, Arrow Lake, Lunar Lake, Desktop, Mobile) 3rd Generation Intel® Xeon® Scalable processor family, Intel® Xeon® D processor family, etc. (Whitley, Idaville, Server, Embedded) 4th Generation Intel® Xeon® Scalable processors, Intel® Xeon® W Processors, 5th Generation Intel® Xeon® Scalable processors (Eagle Stream, Fishhawk Falls, Birch Stream, Server, Workstation) Intel® Xeon® 6 processor with P-Cores, Intel® Xeon® 6700P-B/6500P-B Series SoC with P-Cores (Kaseyville, Server, Workstation) Recommendation Intel recommends that users of affected processors update the latest version of firmware provided by the system manufacturer that addresses this issue. Intel has released microcode updates for the affected processors that are currently supported on the public GitHub repository as listed below. Acknowledgements Intel would like to thank Sergiu Ghetie, the CEO of Cloud Tank Inc., for reporting this issue.

Goal Reached Thanks to every supporter — we hit 100%!

Intel Microcode Privilege Escalation Vulnerability CVE-2025-31648 Advisory